Jump to content

Can we please have 2FA?


Recommended Posts

Can we please think about getting this introduced. I’ve read several threads about members having there accounts hacked, and I assume Fiverr won’t be compensating for any funds lost. I think most people with a bit of common sense have this enabled on most of the accounts they want secured. So while earning money through Fiverr, would it not be a very good idea to introduce 2FA?

I for one, feel very unsafe and almost immediately withdraw my funds, but this shouldn’t be the case. We shouldn’t have to worry about being hacked. More withdrawals = more fees.

Link to comment
Share on other sites

Guest uxreview

Can we please think about getting this introduced. I’ve read several threads about members having there accounts hacked, and I assume Fiverr won’t be compensating for any funds lost. I think most people with a bit of common sense have this enabled on most of the accounts they want secured. So while earning money through Fiverr, would it not be a very good idea to introduce 2FA?

I for one, feel very unsafe and almost immediately withdraw my funds, but this shouldn’t be the case. We shouldn’t have to worry about being hacked. More withdrawals = more fees.

Can we please think about getting this introduced.

I would support it, although I’m not really missing it.

Right now I use LastPass for all my passwords including Fiverr and it has 2FA.

Link to comment
Share on other sites

Can we please think about getting this introduced.

I would support it, although I’m not really missing it.

Right now I use LastPass for all my passwords including Fiverr and it has 2FA.

Right now I use LastPass for all my passwords including Fiverr and it has 2FA

How do you know it’s secure? I’m not sure it’s safe to trust password saver apps.

Link to comment
Share on other sites

Guest uxreview

Right now I use LastPass for all my passwords including Fiverr and it has 2FA

How do you know it’s secure? I’m not sure it’s safe to trust password saver apps.

How do you know it’s secure?

The only way you can get in is if you have my phone. There’s no other way.

Nothing is 100% secure, but it’s better than typing a password that you can remember.

Link to comment
Share on other sites

How do you know it’s secure?

The only way you can get in is if you have my phone. There’s no other way.

Nothing is 100% secure, but it’s better than typing a password that you can remember.

I mean how do you know they don’t send the information stored in them to some place else? Like some kind of hack? Like a keylogger? Wouldn’t an app like that be perfect for a hacker to use? It’s like the perfect trojan.

Link to comment
Share on other sites

Guest uxreview

I mean how do you know they don’t send the information stored in them to some place else? Like some kind of hack? Like a keylogger? Wouldn’t an app like that be perfect for a hacker to use? It’s like the perfect trojan.

Nope, it’s easier to attack Fiverr where people use passwords such as “password123” than try to hack a service with a sole purpose of keeping passwords secure.

More info here (there are other articles explaining it’s pros)

https://lastpass.com/support.php?cmd=showfaq&id=6926

Link to comment
Share on other sites

Nope, it’s easier to attack Fiverr where people use passwords such as “password123” than try to hack a service with a sole purpose of keeping passwords secure.

More info here (there are other articles explaining it’s pros)

https://lastpass.com/support.php?cmd=showfaq&id=6926

If the app had a trojan imbedded in it when you installed it, that would make it easy for a hacker. I don’t trust them.

Link to comment
Share on other sites

I think the security question is what was the name of my best friend in school. No one but me knows that so it’s pretty secure. Why would there need to be another one?

I haven’t been asked that yet. I have had a code sent to my phone a couple of times. Someone would need to have my phone to be able to do anything with my account.

Link to comment
Share on other sites

Guest uxreview

If the app had a trojan imbedded in it when you installed it, that would make it easy for a hacker. I don’t trust them.

Trusting LastPass or a similar service/software with all your passwords is definitely a valid concern and I get why some people don’t wish to use it.

There is no such thing as a 100% secure system. It comes down to finding a solution that fits your needs and has the least amount of security holes.

I’ve done my research and the most suitable option for me is LastPass.

  • I have probably 20+ accounts on various platforms that I use almost daily.
  • I also have a decent amount of clients who trust me to keep their website secure.
  • There’s no way I could remember all the passwords especially if a password is a random string of numbers, letters and special chars. I don’t use names, places etc. because it’s simply not secure.
  • I have tried various techniques in the past such as formulas, but I didn’t find those very secure nor convenient.

So I needed a solution that is able to protect all my tools, clients and something that would be convenient to use. After trying several solutions (online & offline) I found LastPass.

Benefits

  • It’s secure (AES-256, SHA-256 and salted hashes)
  • Decrypting is only at the device level so no interceptions and even LastPass doesn’t have the passwords in text format. They can’t sell my passwords.
  • It has 2FA which means you need to have access to my phone to get in.
  • It’s available through my browser and it has plenty of shortcuts.
  • It’s super cheap

I think every web developer should use something like this to keep their clients secure 🙂

It doesn’t have to be LastPass, it can be any other service.

Link to comment
Share on other sites

Trusting LastPass or a similar service/software with all your passwords is definitely a valid concern and I get why some people don’t wish to use it.

There is no such thing as a 100% secure system. It comes down to finding a solution that fits your needs and has the least amount of security holes.

I’ve done my research and the most suitable option for me is LastPass.

  • I have probably 20+ accounts on various platforms that I use almost daily.
  • I also have a decent amount of clients who trust me to keep their website secure.
  • There’s no way I could remember all the passwords especially if a password is a random string of numbers, letters and special chars. I don’t use names, places etc. because it’s simply not secure.
  • I have tried various techniques in the past such as formulas, but I didn’t find those very secure nor convenient.

So I needed a solution that is able to protect all my tools, clients and something that would be convenient to use. After trying several solutions (online & offline) I found LastPass.

Benefits

  • It’s secure (AES-256, SHA-256 and salted hashes)
  • Decrypting is only at the device level so no interceptions and even LastPass doesn’t have the passwords in text format. They can’t sell my passwords.
  • It has 2FA which means you need to have access to my phone to get in.
  • It’s available through my browser and it has plenty of shortcuts.
  • It’s super cheap

I think every web developer should use something like this to keep their clients secure 🙂

It doesn’t have to be LastPass, it can be any other service.

What if your hard drive crashes? Then you lose the passwords. I only have a few to remember. But they are complex. So if my memory fails I’m in trouble. I have something that must be on chrome that pops up to ask if I want it to remember them too. I don’t even know what that is now that I think about it.

Link to comment
Share on other sites

Guest uxreview

What if your hard drive crashes? Then you lose the passwords. I only have a few to remember. But they are complex. So if my memory fails I’m in trouble. I have something that must be on chrome that pops up to ask if I want it to remember them too. I don’t even know what that is now that I think about it.

What if your hard drive crashes?

Doesn’t matter, I can access my passwords on any device. LastPass stores my passwords in encrypted format on their server so it doesn’t matter if I use my laptop or not.

I have something that must be on chrome that pops up to ask if I want it to remember them too.

You can disable that from Chrome advanced settings. A lot of people use that, but that’s not a good solution.

Link to comment
Share on other sites

What if your hard drive crashes?

Doesn’t matter, I can access my passwords on any device. LastPass stores my passwords in encrypted format on their server so it doesn’t matter if I use my laptop or not.

I have something that must be on chrome that pops up to ask if I want it to remember them too.

You can disable that from Chrome advanced settings. A lot of people use that, but that’s not a good solution.

that’s not a good solution.

If someone ever steals my laptop then they will have some passwords. I don’t have my main ones anyplace except in my memory.

Link to comment
Share on other sites

What if your hard drive crashes? Then you lose the passwords. I only have a few to remember. But they are complex. So if my memory fails I’m in trouble. I have something that must be on chrome that pops up to ask if I want it to remember them too. I don’t even know what that is now that I think about it.

I only have a few to remember. But they are complex. So if my memory fails I’m in trouble.

⬇️ This could be a solution. (From xkcd)

password_strength.png.d9ea82d7b54e9e1996e22a5beaeabadc.png
Link to comment
Share on other sites

I only have a few to remember. But they are complex. So if my memory fails I’m in trouble.

⬇️ This could be a solution. (From xkcd)

A good bit of my passwords are quite long; especially if the site permits it. My backup for passwords is a physical journal which came in handy with both my laptop and main computer had to under go a reboot which resulted in everything that was saved, including passwords, getting wiped. I don’t mind 2FA to an extent, but there are times where they get a bit ridiculous if not time consuming.

Link to comment
Share on other sites

  • 1 year later...
  • 7 months later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...